From be520036b42eafbcc843c96298b92910d6d13405 Mon Sep 17 00:00:00 2001
From: Xiangyu Tian <109123695+xiangyuT@users.noreply.github.com>
Date: Thu, 21 Dec 2023 15:04:38 +0800
Subject: [PATCH] Fix command injection issue in bigdl_aa.py (#9741)
---
 ppml/tdx/docker/trusted-bigdl-llm/finetune/docker/bigdl_aa.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ppml/tdx/docker/trusted-bigdl-llm/finetune/docker/bigdl_aa.py b/ppml/tdx/docker/trusted-bigdl-llm/finetune/docker/bigdl_aa.py
index d848fd65893..e179bd56c83 100644
--- a/ppml/tdx/docker/trusted-bigdl-llm/finetune/docker/bigdl_aa.py
+++ b/ppml/tdx/docker/trusted-bigdl-llm/finetune/docker/bigdl_aa.py
@@ -5,6 +5,7 @@
 import base64
 import requests
 import subprocess
+import shlex
 app = Flask(__name__)
@@ -32,7 +33,7 @@ def get_cluster_quote_list():
 except Exception as e:
 quote_list.append("launcher", "quote generation failed: %s" % (e))
- command = "sudo -u mpiuser -E bash /ppml/get_worker_quote.sh %s" % (user_report_data)
+ command = "sudo -u mpiuser -E bash /ppml/get_worker_quote.sh %s" % (shlex.quote(user_report_data))
 output = subprocess.check_output(command, shell=True)
 with open("/ppml/output/quote.log", "r") as quote_file:
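Review bot: The rewritten `command` line quotes `user_report_data`, but the unchanged line after it still executes the string through `subprocess.check_output(command, shell=True)`, so the fix rests entirely on `shlex.quote` being applied to every interpolated value rather than on keeping a shell out of the path; passing an argument list with the default `shell=False` removes that dependency, e.g. `output = subprocess.check_output(["sudo", "-u", "mpiuser", "-E", "bash", "/ppml/get_worker_quote.sh", user_report_data])`. `shlex.quote` also accepts only `str`, so if `user_report_data` can arrive as `bytes` or `None` (where it is read is outside the hunk) the new line raises `TypeError` before any subprocess runs, which is worth an explicit type check or conversion at the point it is parsed from the request. Unrelated to the fix but visible in the context lines, `quote_list.append("launcher", ...)` passes two arguments to `list.append`, which raises `TypeError` inside the `except` handler instead of recording the failure. `get_cluster_quote_list` starts before the hunk and its body continues after it.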